1. Field of the Invention
The present invention generally relates to authentication apparatuses and storage mediums, and more particularly to an authentication apparatus which authenticates individuals using biometric information and to a computer-readable storage medium which stores a program for causing a computer to carry out such an authentication.
Recently, due to popular use of computer networks, there are demands for techniques to confirm that a user is the person himself when making data access, approval, transfer, payment or the like on the computer network. When biometric information peculiar to the individual is used for the authentication of a certain individual, it is possible to positively authenticate this certain individual because other individuals cannot have the biometric information of this certain individual.
In this specification, the biometric information refers to information which is peculiar to an individual, different for each individual, and normally remains unchanged as long as the individual lives. This biometric information may be a fingerprint, voice pattern, palmar pattern, face, iris, retina, vascular pattern, signature or the like.
2. Description of the Related Art
First, a description will be given of an example of a conventional authentication apparatus. The biometric information such as the fingerprint is converted into electronic information such as image information by various sensors such as a CCD camera. This electronic information is subjected to various kinds of information processing so as to extract information which is used as a key that is required for a biometric information verification process. Thereafter, biometric key information of each of registered individuals and the extracted biometric key information are verified, so as to authenticate the individual.
In the case where the fingerprint is used as the biometric information, for example, patterns of crests are used as the biometric information. Fine undulations or lines are formed at the human finger tips, and convex portions of such undulations are referred to as crests. The crests form a pattern which is peculiar to each individual. In addition, when the crest is followed, various points exist, such as a branch point where the crest branches into a plurality of branches and an end point where the crest terminates. Distributions of such branch points and end points are different for each individual, and such points on the crest are also referred to as feature points of the fingerprint. When verifying the fingerprints, the position, type and direction of the feature points of the input fingerprint are compared with the position, type and direction of the registered fingerprints, and the sameness of the input fingerprint with one of the registered fingerprints is determined based on whether a match exists.
More particularly, the input fingerprint is obtained by first extracting a fingerprint image by a fingerprint sensor. The extracted fingerprint image is binarized and thinned, so as to obtain a thinned fingerprint image in which a width of the crest is 1 pixel. The feature points of the fingerprint are extracted from this thinned fingerprint image. Generally, the extracted feature points include erroneous feature points, and for this reason, a process is carried out to eliminate the erroneous feature points. Thereafter, the position, type, direction and the like of each of the feature points are collected as feature information, and this feature information is stored as input fingerprint data.
Registered fingerprint data are also obtained by carrying out processes similar to those used to obtain the input fingerprint data described above. The registered fingerprint data are registered in a storage unit or the like which forms a database.
In the authentication apparatus which uses the biometric information to confirm a user's identify when making a data access or log-in to a computer, it is necessary to register the biometric information such as the fingerprints in advance. However, if the registered biometric information is stolen, the stolen biometric information may be put to bad use, and there is also a possibility of violating privacy.
Compared to an authentication apparatus which uses a password or the like, the authentication apparatus which uses the biometric information makes it more difficult for a person to assume a false identify. But on the other hand, in the case where the biometric information of the individuals is measured and used in the authentication apparatus, it is necessary to prevent privacy information of the individuals from leaking (i.e., unauthorized disclosure to, or theft thereof by, third parties).
Conventionally, stand-alone type authentication apparatuses were the majority, but recently, the use of client-server type authentication apparatuses coupled to networks has increased. In the case of the client-server type authentication apparatus, it is necessary to register the biometric information of the individuals in a server, and transmit the biometric information via the network. For this reason, if the reliability of the server and/or the network is poor and the data management reliability is not sufficiently high, there is a possibility of the biometric information of the individuals being stolen by or leaked to an unauthorized third party.